SlideShare a Scribd company logo

Jitter Bugslec

S
scottdp3

The document discusses various security threats posed by new technologies, and proposes potential solutions to address them. These threats include keyboard loggers stealing passwords, iPods and other removable storage downloading corporate data without permission, personal information being shared over peer-to-peer networks, and Trojan horses stealing bank details. Proposed solutions involve restricting or banning potentially risky technologies and educating users and companies about more secure practices.

Technology
1 of 18
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
Operating System What Can We Do?
Sources http://www.protect-me.com/industry_news.html
JitterBugs Attached to a keyboard -- could be a new security threat? Piggyback onto network connections to discreetly send passwords and other sensitive data over the Internet
How does this work? By causing calculated "jitters" in keyboard input while such a program is running, a JitterBug could slightly delay data sent over the network. Certain amounts of delay could represent a one or a zero in each packet that is linked to keyboard use, allowing an attacker to send secret information in otherwise innocuous data without modifying software or initiating any new connections.
What Can We Do? Get rid of keyboards?
Stealing data with iPods Hi-tech thieves are using iPods to download data Blackberries, mobile phones with in-built storage, data pens and memory sticks that fit onto a key ring can be surreptitiously plugged into a computer port and used to steal bank account details, insurance information or even medical records.
Points Industry analyst Gartner says 70 per cent of security losses are as a result of insider activity. Protiviti says computer-based crime costs UK businesses up to $540,000 an hour, or an average of more than $1100 a business per year.
iPod Bad? An iPod can easily be configured to behave like a regular hard disk, which is capable of stealing confidential data quickly. ‘ Podslurping' – Using an iPod to copy corporate data without permission
What Can We DO? 'lock down' ports to stop unwanted peripherals downloading data? ban iPods and other data-downloading equipment?
P2P ( Peer to Peer) P2P Users Beware -- Your Personal Info Could Be Out There Medical records, financial information and router passwords have all popped up on P2P network file shares
What Can We Do? Just say no?
IT Managers Ignore Removable Media Risk The survey, of 248 IT professionals who had attended the Infosecurity Europe 2006 conference in London A survey conducted by the Mobile Security Company, revealed that 56% of employees downloaded corporate information onto their memory sticks, up from 31% last year
Things to think on The most popular use of the memory sticks was the storage of corporate data such as contracts, proposals and other business documents Only 21% secured flashdrives with passwords and encryption 12% of organizations banned them completely from the workplace
Things to think on Removable media is plummeting in price, have soaring memory capacities, and more people are using them at work
What Are We to Do? Companies need to be educated about using them securely Ban their use?
Trojan horses steal bank details and passwords Banks in the United Kingdom, Germany and Spain have been targeted by MetaFisher, otherwise known as Spy-Agent and PWS. After infecting a computer, the Trojan horse waits until the user visits a legitimate bank Web site, and then injects malicious HTML into certain fields there.
Points What is a Trojan Horse? The attackers attempt to place the Trojan on a computer using an exploit for the Windows Meta File flaw in Microsoft's Internet Explorer The potential victim must visit a malicious Web site to infect their system, and attackers may use e-mails to direct them there.
What Do We Do? Don’t allow users to download executable programs?

More Related Content

PDF
Malta Economic Update 06 2008 - isec interview
Fabian Borg
 
PPTX
Data Security Breach: The Sony & Staples Story
International Institute for Learning
 
PPTX
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Alisha Deboer
 
PPTX
What Cybercriminals Want: Company Data – by United Security Providers
United Security Providers AG
 
PPTX
Chapter 17 a fraud in e commerce Jen
VidaB
 
PPTX
E commerce fraud chapter 17 B Ahmed
VidaB
 
PPTX
Updated Cyber Security and Fraud Prevention Tools Tactics
Ben Graybar
 
PDF
How to Find Security Breaches Before They Sink You
Skyhigh Networks
 
Malta Economic Update 06 2008 - isec interview
Fabian Borg
 
Data Security Breach: The Sony & Staples Story
International Institute for Learning
 
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Alisha Deboer
 
What Cybercriminals Want: Company Data – by United Security Providers
United Security Providers AG
 
Chapter 17 a fraud in e commerce Jen
VidaB
 
E commerce fraud chapter 17 B Ahmed
VidaB
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Ben Graybar
 
How to Find Security Breaches Before They Sink You
Skyhigh Networks
 

What's hot (20)

PPTX
What Makes Web Applications Desirable For Hackers
Jaime Manteiga
 
PDF
Target Breach Analysis
Tal Be'ery
 
PPTX
Hacking ppt
giridhar_sadasivuni
 
PDF
Dw communication
Arjun Chetry
 
PDF
How to safe your company from having a security breach
Baltimax
 
PDF
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
CODE BLUE
 
PPT
Hackers
Alvaro Cipriano
 
PPT
Hackers
guesta04f59b
 
PPTX
Cyber security
REVA UNIVERSITY
 
PDF
AI for CyberSecurity
Satnam Singh
 
PDF
Internet of Things - A Different Kind of Scary v2
FitCEO, Inc. (FCI)
 
PPTX
Protect the Unexpected
Charles Mok
 
PPTX
Security Awareness Presentation Fall 2013
COCommunityCollegeSystem
 
PDF
The good, the bad and the ugly of the target data breach
Ulf Mattsson
 
DOCX
Final report ethical hacking
samprada123
 
PPTX
Online privacy & security
Priyab Satoshi
 
DOCX
Final report ethical hacking
samprada123
 
PPTX
LockheedPreview
Jessica Morris
 
PDF
A Guide to Internet Security For Businesses- Business.com
Business.com
 
PPT
Computer crime
Uc Man
 
What Makes Web Applications Desirable For Hackers
Jaime Manteiga
 
Target Breach Analysis
Tal Be'ery
 
Hacking ppt
giridhar_sadasivuni
 
Dw communication
Arjun Chetry
 
How to safe your company from having a security breach
Baltimax
 
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
CODE BLUE
 
Hackers
Alvaro Cipriano
 
Hackers
guesta04f59b
 
Cyber security
REVA UNIVERSITY
 
AI for CyberSecurity
Satnam Singh
 
Internet of Things - A Different Kind of Scary v2
FitCEO, Inc. (FCI)
 
Protect the Unexpected
Charles Mok
 
Security Awareness Presentation Fall 2013
COCommunityCollegeSystem
 
The good, the bad and the ugly of the target data breach
Ulf Mattsson
 
Final report ethical hacking
samprada123
 
Online privacy & security
Priyab Satoshi
 
Final report ethical hacking
samprada123
 
LockheedPreview
Jessica Morris
 
A Guide to Internet Security For Businesses- Business.com
Business.com
 
Computer crime
Uc Man
 
Ad

Viewers also liked (16)

PPTX
Repositorios web
dome_davila12
 
PDF
Examination
excitedyesterda13
 
PDF
Mobile Websites: No Longer An Option
Cruz Alonzo
 
PPTX
The Economic Development in the African Continent
Yahya A. A. Abdulqader
 
PPTX
El cuatro instrumento musical
Adriana gabriela Araujo vivas
 
PPTX
BRICS
Priti Thakur
 
PPTX
brics monetary_policy_presentation
Swati Tyagi
 
DOCX
Religija
angelinabrankovic51
 
PPTX
Spira team
VirgCSan
 
DOCX
Judaizam i hriscanstvo
angelinabrankovic51
 
PPTX
Macro Economic Environment of South Africa
Disha Bedi
 
PDF
Contexto escolar em LIBRAS
Nelinha Soares
 
PPT
Moldova în timpul lui stefan cel mare grupa 4
adrianagabriela1999
 
PPTX
BRICS Nations
Deep Das
 
PDF
Le marketing de contenu de la startup, selon Azendoo
Editoile
 
PPTX
Design of pile cap
Puspendu Ray
 
Repositorios web
dome_davila12
 
Examination
excitedyesterda13
 
Mobile Websites: No Longer An Option
Cruz Alonzo
 
The Economic Development in the African Continent
Yahya A. A. Abdulqader
 
El cuatro instrumento musical
Adriana gabriela Araujo vivas
 
BRICS
Priti Thakur
 
brics monetary_policy_presentation
Swati Tyagi
 
Religija
angelinabrankovic51
 
Spira team
VirgCSan
 
Judaizam i hriscanstvo
angelinabrankovic51
 
Macro Economic Environment of South Africa
Disha Bedi
 
Contexto escolar em LIBRAS
Nelinha Soares
 
Moldova în timpul lui stefan cel mare grupa 4
adrianagabriela1999
 
BRICS Nations
Deep Das
 
Le marketing de contenu de la startup, selon Azendoo
Editoile
 
Design of pile cap
Puspendu Ray
 
Ad

Similar to Jitter Bugslec (20)

PPT
Ch02 System Threats and Risks
Information Technology
 
PPSX
IT Security Seminar Cougar CPS
cougarcps
 
PDF
Network monitoring white paper
Imaging Network Technology, LLC
 
PPT
Merit Event - Closing the Back Door in Your Systems
meritnorthwest
 
KEY
Malware mitigation
Ramsés Gallego
 
PPTX
Computer Security and Ethics
Mohsin Riaz
 
PDF
lesson2-safeandresponsibleuseofict-210806120854.pdf
Debbie Rizza Daroy
 
PPTX
HELE 4 Lesson 2: Safe and Responsible Use of ICT
Benandro Palor
 
PPTX
Security Awareness 101
HaroldCo
 
PPT
Data security
sbmiller87
 
PPT
11 Computer Privacy
Saqib Raza
 
PDF
Is your data at risk? Why physical security is insufficient for laptop computers
FindWhitePapers
 
PPT
091005 Internet Security
dkp205
 
PDF
Cyber Malware Programs And The Internet
Heidi Maestas
 
PDF
Meeting the Cybersecurity Challenge
Net at Work
 
PPTX
Protecting Yourself From Data and Identity Theft
Mary Lou Roberts
 
PPTX
Privacy, Security
guestf77c65c
 
PPT
Top Five Internal Security Vulnerabilities
Peter Wood
 
PDF
4 threatsandvulnerabilities
richarddxd
 
PPT
Computer security and_privacy_2010-2011
lbcollins18
 
Ch02 System Threats and Risks
Information Technology
 
IT Security Seminar Cougar CPS
cougarcps
 
Network monitoring white paper
Imaging Network Technology, LLC
 
Merit Event - Closing the Back Door in Your Systems
meritnorthwest
 
Malware mitigation
Ramsés Gallego
 
Computer Security and Ethics
Mohsin Riaz
 
lesson2-safeandresponsibleuseofict-210806120854.pdf
Debbie Rizza Daroy
 
HELE 4 Lesson 2: Safe and Responsible Use of ICT
Benandro Palor
 
Security Awareness 101
HaroldCo
 
Data security
sbmiller87
 
11 Computer Privacy
Saqib Raza
 
Is your data at risk? Why physical security is insufficient for laptop computers
FindWhitePapers
 
091005 Internet Security
dkp205
 
Cyber Malware Programs And The Internet
Heidi Maestas
 
Meeting the Cybersecurity Challenge
Net at Work
 
Protecting Yourself From Data and Identity Theft
Mary Lou Roberts
 
Privacy, Security
guestf77c65c
 
Top Five Internal Security Vulnerabilities
Peter Wood
 
4 threatsandvulnerabilities
richarddxd
 
Computer security and_privacy_2010-2011
lbcollins18
 

Recently uploaded (20)

PPTX
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PDF
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
PDF
1 - Historical Antecedents, Social Consideration.pdf
tuazon2030627
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
PDF
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PPTX
TechTalks-8-2019-Service-Management-ITIL-Refresh-ITIL-4-Framework-Supports-Ou...
bonakiduza1024
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
PDF
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
PDF
Microsoft Solutions Partner Drive Digital Transformation with D365.pdf
Microsoft Dynamics
 
PPTX
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
PDF
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
PDF
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
PDF
DASA ADMISSION 2024_FirstRound_FirstRank_LastRank.pdf
rameswartudu05
 
PDF
Mushroom cultivation and it's methods.pdf
mailmeonrishi
 
PDF
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
1 - Historical Antecedents, Social Consideration.pdf
tuazon2030627
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
TechTalks-8-2019-Service-Management-ITIL-Refresh-ITIL-4-Framework-Supports-Ou...
bonakiduza1024
 
A Presentation on Artificial Intelligence
memembruh336
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
Microsoft Solutions Partner Drive Digital Transformation with D365.pdf
Microsoft Dynamics
 
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
DASA ADMISSION 2024_FirstRound_FirstRank_LastRank.pdf
rameswartudu05
 
Mushroom cultivation and it's methods.pdf
mailmeonrishi
 
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 

Jitter Bugslec

  • 3. JitterBugs Attached to a keyboard -- could be a new security threat? Piggyback onto network connections to discreetly send passwords and other sensitive data over the Internet
  • 4. How does this work? By causing calculated "jitters" in keyboard input while such a program is running, a JitterBug could slightly delay data sent over the network. Certain amounts of delay could represent a one or a zero in each packet that is linked to keyboard use, allowing an attacker to send secret information in otherwise innocuous data without modifying software or initiating any new connections.
  • 5. What Can We Do? Get rid of keyboards?
  • 6. Stealing data with iPods Hi-tech thieves are using iPods to download data Blackberries, mobile phones with in-built storage, data pens and memory sticks that fit onto a key ring can be surreptitiously plugged into a computer port and used to steal bank account details, insurance information or even medical records.
  • 7. Points Industry analyst Gartner says 70 per cent of security losses are as a result of insider activity. Protiviti says computer-based crime costs UK businesses up to $540,000 an hour, or an average of more than $1100 a business per year.
  • 8. iPod Bad? An iPod can easily be configured to behave like a regular hard disk, which is capable of stealing confidential data quickly. ‘ Podslurping' – Using an iPod to copy corporate data without permission
  • 9. What Can We DO? 'lock down' ports to stop unwanted peripherals downloading data? ban iPods and other data-downloading equipment?
  • 10. P2P ( Peer to Peer) P2P Users Beware -- Your Personal Info Could Be Out There Medical records, financial information and router passwords have all popped up on P2P network file shares
  • 11. What Can We Do? Just say no?
  • 12. IT Managers Ignore Removable Media Risk The survey, of 248 IT professionals who had attended the Infosecurity Europe 2006 conference in London A survey conducted by the Mobile Security Company, revealed that 56% of employees downloaded corporate information onto their memory sticks, up from 31% last year
  • 13. Things to think on The most popular use of the memory sticks was the storage of corporate data such as contracts, proposals and other business documents Only 21% secured flashdrives with passwords and encryption 12% of organizations banned them completely from the workplace
  • 14. Things to think on Removable media is plummeting in price, have soaring memory capacities, and more people are using them at work
  • 15. What Are We to Do? Companies need to be educated about using them securely Ban their use?
  • 16. Trojan horses steal bank details and passwords Banks in the United Kingdom, Germany and Spain have been targeted by MetaFisher, otherwise known as Spy-Agent and PWS. After infecting a computer, the Trojan horse waits until the user visits a legitimate bank Web site, and then injects malicious HTML into certain fields there.
  • 17. Points What is a Trojan Horse? The attackers attempt to place the Trojan on a computer using an exploit for the Windows Meta File flaw in Microsoft's Internet Explorer The potential victim must visit a malicious Web site to infect their system, and attackers may use e-mails to direct them there.
  • 18. What Do We Do? Don’t allow users to download executable programs?